From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
 by mx.groups.io with SMTP id smtpd.web08.232.1613067998826624724
 for <devel@edk2.groups.io>;
 Thu, 11 Feb 2021 10:26:38 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=mMpqMlUo;
 spf=pass (domain: kernel.org, ip: 198.145.29.99, mailfrom: ardb@kernel.org)
Received: by mail.kernel.org (Postfix) with ESMTPSA id B218164E5F;
	Thu, 11 Feb 2021 18:26:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1613067997;
	bh=CRtp9pD4YwkD17xWRT1aPHyyYC4OgLTWpYhRw9wUQKk=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=mMpqMlUovvsokKH6hl0CCQF6vj71/Hg9nm9EL+oCLqyvmIV/ZOnThM3GZFxM8jzk9
	 vB4+J6YfBKDqd6p1ib0wv5Xx7GIFg9g6gZDAfTtI84R+smSKAeDs4IBavu/PxyY8W4
	 7TB9DrjqSMjHm+fSaeqm+LQ0aummHSz86ErAbJyGihXCBdEDwAEIzMSeAHRG8O+8Rc
	 tKoAY0uubIemHvkdnWCBzgG32nyYaFuWwRKSD/6Qf2aQS17rbWvLA7AKF3d0XWbtk+
	 e8ySC6gti1MiVoIGrdnZVNJfdXlVlE1Prk636S6W1doWcRPJ9uduUtMnyW1a111Awe
	 gtpd+2F/c76Ew==
Received: by mail-oo1-f45.google.com with SMTP id x19so1502442ooj.10;
        Thu, 11 Feb 2021 10:26:37 -0800 (PST)
X-Gm-Message-State: AOAM531nhBsDy20RU81UkMqsSN47Xc+NEzEQf3VRBn3St4SGMHoLRj+d
	zOJXHr0TV1qYltbHFAtgKCDwYND3461DssveJGw=
X-Google-Smtp-Source: ABdhPJzZ1fbrKTSlThTqBAQfZyoFyyJfp2Rzo/GoixfNDllvf5CoMBquPvI9/W1FpOP+ynIfhxVBuYK+BzrP75Uzuhs=
X-Received: by 2002:a4a:55c8:: with SMTP id e191mr1485473oob.13.1613067997056;
 Thu, 11 Feb 2021 10:26:37 -0800 (PST)
MIME-Version: 1.0
References: <70a4f9e7-952c-cf05-bca7-009ee5b2cd3f@nuviainc.com>
 <DB7PR08MB3260A8786D9E46AC468846CA90CC0@DB7PR08MB3260.eurprd08.prod.outlook.com>
 <DB7PR08MB3097B69CE3A326D08B3403EC84CB0@DB7PR08MB3097.eurprd08.prod.outlook.com>
 <06a2aa56-d4ec-3db2-0e82-12211daa5fa7@nuviainc.com> <DB7PR08MB309761F021EA3B761AAC241584A60@DB7PR08MB3097.eurprd08.prod.outlook.com>
 <dd307ec4-4b5f-4e98-aa32-3a145971548e@nuviainc.com>
In-Reply-To: <dd307ec4-4b5f-4e98-aa32-3a145971548e@nuviainc.com>
From: "Ard Biesheuvel" <ardb@kernel.org>
Date: Thu, 11 Feb 2021 19:26:25 +0100
X-Gmail-Original-Message-ID: <CAMj1kXFK=uFtF_F8S7PhWn_TQJzFm2HMC4Ns5Uh4vOFLtmQzrw@mail.gmail.com>
Message-ID: <CAMj1kXFK=uFtF_F8S7PhWn_TQJzFm2HMC4Ns5Uh4vOFLtmQzrw@mail.gmail.com>
Subject: Re: [edk2-devel] RFC: Adding support for ARM (RNDR etc.) to RngDxe
To: devel@edk2.groups.io, Rebecca Cran <rebecca@nuviainc.com>
Cc: Sami Mujawar <Sami.Mujawar@arm.com>, 
	Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>, Ard Biesheuvel <Ard.Biesheuvel@arm.com>, 
	"leif@nuviainc.com" <leif@nuviainc.com>, "rfc@edk2.groups.io" <rfc@edk2.groups.io>, 
	Jiewen Yao <jiewen.yao@intel.com>, Rahul Kumar <rahul1.kumar@intel.com>, nd <nd@arm.com>, 
	Jose Marinho <Jose.Marinho@arm.com>
Content-Type: text/plain; charset="UTF-8"

On Wed, 10 Feb 2021 at 23:49, Rebecca Cran <rebecca@nuviainc.com> wrote:
>
> On 1/15/21 7:51 PM, Sami Mujawar wrote:
>
> > I have shared some initial thoughts on the RNG implementation updates at https://edk2.groups.io/g/devel/files/Designs/2021/0116/EDKII%20-%20Proposed%20update%20to%20RNG%20implementation.pdf
> >
> > Kindly let me know your feedback or if you have any queries.
> The ARMv8.5 RNDRRS instruction appears to be missing from the diagram on
> page 11 - it has RngLib|RNDR, which is listed under PRNG, but RNDRRS
> returns a true random number. From the Arm ARM:
>
> "Returns a 64-bit random number which is reseeded from the True
> Random Number source immediately before the read of the random number."
>

This is an unfortunate oversight in the architecture, but RNDRRS most
certainly does not return a true random number.

RNDR and RNDRRS both return the output of a DRBG (pseudo RNG), and the
only difference is the reseed rate: RNDRRS triggers a reseed on every
invocation, whereas RNDR triggers a reseed at an IMPDEF rate.